spring-projects
diff --git a/‎spring-boot-project/spring-boot-actuator-autoconfigure/pom.xml‎
Lines changed: 10 additions & 0 deletions b/‎spring-boot-project/spring-boot-actuator-autoconfigure/pom.xml‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/AccessLevel.java‎
Lines changed: 2 additions & 12 deletions b/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/AccessLevel.java‎
Lines changed: 2 additions & 12 deletions
diff --git a/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/CloudFoundryAuthorizationException.java‎
Lines changed: 4 additions & 4 deletions b/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/CloudFoundryAuthorizationException.java‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/SecurityResponse.java‎
Lines changed: 53 additions & 0 deletions b/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/SecurityResponse.java‎
Lines changed: 53 additions & 0 deletions
diff --git a/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/Token.java‎
Lines changed: 8 additions & 7 deletions b/‎spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/Token.java‎
Lines changed: 8 additions & 7 deletions
@@ -348,6 +348,16 @@
 			<artifactId>logback-classic</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>io.projectreactor</groupId>
+			<artifactId>reactor-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.squareup.okhttp3</groupId>
+			<artifactId>mockwebserver</artifactId>
+			<scope>test</scope>
+		</dependency>
 		<dependency>
 			<groupId>com.jayway.jsonpath</groupId>
 			<artifactId>json-path</artifactId>
 
@@ -19,15 +19,13 @@
 import java.util.Arrays;
 import java.util.List;
 
-import javax.servlet.http.HttpServletRequest;
-
 /**
  * The specific access level granted to the cloud foundry user that's calling the
  * endpoints.
  *
  * @author Madhura Bhave
  */
-enum AccessLevel {
+public enum AccessLevel {
 
 	/**
 	 * Restricted access to a limited set of endpoints.
@@ -39,7 +37,7 @@ enum AccessLevel {
 	 */
 	FULL;
 
-	private static final String REQUEST_ATTRIBUTE = "cloudFoundryAccessLevel";
+	public static final String REQUEST_ATTRIBUTE = "cloudFoundryAccessLevel";
 
 	private final List<String> endpointPaths;
 
@@ -56,12 +54,4 @@ public boolean isAccessAllowed(String endpointPath) {
 		return this.endpointPaths.isEmpty() || this.endpointPaths.contains(endpointPath);
 	}
 
-	public void put(HttpServletRequest request) {
-		request.setAttribute(REQUEST_ATTRIBUTE, this);
-	}
-
-	public static AccessLevel get(HttpServletRequest request) {
-		return (AccessLevel) request.getAttribute(REQUEST_ATTRIBUTE);
-	}
-
 }
@@ -23,15 +23,15 @@
  *
  * @author Madhura Bhave
  */
-class CloudFoundryAuthorizationException extends RuntimeException {
+public class CloudFoundryAuthorizationException extends RuntimeException {
 
 	private final Reason reason;
 
-	CloudFoundryAuthorizationException(Reason reason, String message) {
+	public CloudFoundryAuthorizationException(Reason reason, String message) {
 		this(reason, message, null);
 	}
 
-	CloudFoundryAuthorizationException(Reason reason, String message, Throwable cause) {
+	public CloudFoundryAuthorizationException(Reason reason, String message, Throwable cause) {
 		super(message);
 		this.reason = reason;
 	}
@@ -55,7 +55,7 @@ public Reason getReason() {
 	/**
 	 * Reasons why the exception can be thrown.
 	 */
-	enum Reason {
+	public enum Reason {
 
 		ACCESS_DENIED(HttpStatus.FORBIDDEN),
 
 
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.actuate.autoconfigure.cloudfoundry;
+
+import org.springframework.http.HttpStatus;
+
+/**
+ * Response from the Cloud Foundry security interceptors.
+ *
+ * @author Madhura Bhave
+ */
+public class SecurityResponse {
+
+	private final HttpStatus status;
+
+	private final String message;
+
+	public SecurityResponse(HttpStatus status) {
+		this(status, null);
+	}
+
+	public SecurityResponse(HttpStatus status, String message) {
+		this.status = status;
+		this.message = message;
+	}
+
+	public HttpStatus getStatus() {
+		return this.status;
+	}
+
+	public String getMessage() {
+		return this.message;
+	}
+
+	public static SecurityResponse success() {
+		return new SecurityResponse(HttpStatus.OK);
+	}
+
+}
@@ -20,6 +20,7 @@
 import java.util.List;
 import java.util.Map;
 
+import org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException.Reason;
 import org.springframework.boot.json.JsonParserFactory;
 import org.springframework.util.Base64Utils;
 import org.springframework.util.StringUtils;
@@ -29,7 +30,7 @@
  *
  * @author Madhura Bhave
  */
-class Token {
+public class Token {
 
 	private static final Charset UTF_8 = Charset.forName("UTF-8");
 
@@ -41,21 +42,21 @@ class Token {
 
 	private final Map<String, Object> claims;
 
-	Token(String encoded) {
+	public Token(String encoded) {
 		this.encoded = encoded;
 		int firstPeriod = encoded.indexOf('.');
 		int lastPeriod = encoded.lastIndexOf('.');
 		if (firstPeriod <= 0 || lastPeriod <= firstPeriod) {
 			throw new CloudFoundryAuthorizationException(
-					CloudFoundryAuthorizationException.Reason.INVALID_TOKEN,
+					Reason.INVALID_TOKEN,
 					"JWT must have header, body and signature");
 		}
 		this.header = parseJson(encoded.substring(0, firstPeriod));
 		this.claims = parseJson(encoded.substring(firstPeriod + 1, lastPeriod));
 		this.signature = encoded.substring(lastPeriod + 1);
 		if (!StringUtils.hasLength(this.signature)) {
 			throw new CloudFoundryAuthorizationException(
-					CloudFoundryAuthorizationException.Reason.INVALID_TOKEN,
+					Reason.INVALID_TOKEN,
 					"Token must have non-empty crypto segment");
 		}
 	}
@@ -67,7 +68,7 @@ private Map<String, Object> parseJson(String base64) {
 		}
 		catch (RuntimeException ex) {
 			throw new CloudFoundryAuthorizationException(
-					CloudFoundryAuthorizationException.Reason.INVALID_TOKEN,
+					Reason.INVALID_TOKEN,
 					"Token could not be parsed", ex);
 		}
 	}
@@ -106,12 +107,12 @@ private <T> T getRequired(Map<String, Object> map, String key, Class<T> type) {
 		Object value = map.get(key);
 		if (value == null) {
 			throw new CloudFoundryAuthorizationException(
-					CloudFoundryAuthorizationException.Reason.INVALID_TOKEN,
+					Reason.INVALID_TOKEN,
 					"Unable to get value from key " + key);
 		}
 		if (!type.isInstance(value)) {
 			throw new CloudFoundryAuthorizationException(
-					CloudFoundryAuthorizationException.Reason.INVALID_TOKEN,
+					Reason.INVALID_TOKEN,
 					"Unexpected value type from key " + key + " value " + value);
 		}
 		return (T) value;